559 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Tony Arcieri	1dfcb1d64a	.github: lint advisories after assigning ID (#324)	2020-06-30 11:50:26 -07:00
Ralf Jung	9cd619f167	make memoffset advisory informational (#317)	2020-06-30 11:49:45 -07:00
github-actions[bot]	46c23f6c94	Assign RUSTSEC IDs (#323) ... Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>	2020-06-30 10:27:13 -07:00
quininer	de07a7d207	Add tokio-rustls DoS advisory (#304)	2020-06-30 02:01:58 -04:00
Alex Gaynor	48c8653408	Attempt to fix failing assign-ids task (#322)	2020-06-29 15:17:17 -07:00
Alex Gaynor	418954a939	Create github action to assign RUSTSEC ids (#311) ... * Create github action to assign RUSTSEC ids * Bump	2020-06-29 15:07:56 -07:00
Tony Arcieri	45495b767e	.github: bump rustsec-admin cache key (#321) ... ...to match the new `rustsec-admin` v0.2.0 release: https://github.com/RustSec/rustsec-admin/pull/57	2020-06-29 11:17:28 -07:00
Ralf Jung	ae22eb47d2	CONTRIBUTING: mention soundness issues (#314)	2020-06-22 06:41:01 -07:00
Tony Arcieri	5049594b75	Add unmaintained crate advisory for block-cipher-trait (RUSTSEC-2020-0018) (#310) ... * Add unmaintained crate advisory for `block-cipher-trait` It's been renamed to `block-cipher`. See: https://github.com/RustCrypto/traits/pull/139 * Assign RUSTSEC-2020-0018 to block-cipher-trait	2020-06-10 11:22:55 -07:00
Tony Arcieri	8587ec259a	Assign RUSTSEC-2020-0017 to internment (#309) ... Original PR: https://github.com/RustSec/advisory-db/pull/306	2020-06-07 08:19:36 -07:00
Jeremy Fitzhardinge	0f5a2dc239	Add advisory for internment (#306) ... `internment` 0.3.12 has a race condition in ArcIntern::drop which can result in use-after-free.	2020-06-07 07:55:58 -07:00
Tony Arcieri	efef3b953e	Merge pull request #303 from RustSec/RUSTSEC-2018-0017 ... Assign RUSTSEC-2018-0017 to tempdir	2020-05-17 09:33:29 -07:00
Tony Arcieri	7d4ce9ae4f	Assign RUSTSEC-2018-0017 to tempdir ... Original PR: https://github.com/RustSec/advisory-db/pull/295	2020-05-17 08:58:19 -07:00
Tony Arcieri	4853671ffa	Merge pull request #295 from oherrala/tempdir ... tempdir crate has been deprecated since 2018-02-13	2020-05-17 08:54:35 -07:00
Tony Arcieri	5e13e75907	Merge pull request #301 from RustSec/RUSTSEC-2020-0016 ... Assign RUSTSEC-2020-0016 to net2	2020-05-17 08:53:47 -07:00
Tony Arcieri	1639be6561	Assign RUSTSEC-2020-0016 to net2 ... Original PR: https://github.com/RustSec/advisory-db/pull/296	2020-05-17 08:52:19 -07:00
Tony Arcieri	a855755aa7	Merge pull request #296 from oherrala/net2 ... net2 crate has been deprecated; use socket2 instead	2020-05-17 08:50:59 -07:00
Ossi Herrala	a3c68605c7	net2 crate has been deprecated; use socket2 instead ... Fixes #285	2020-05-13 10:45:41 +03:00
Ossi Herrala	25f622bacf	tempdir crate has been deprecated since 2018-02-13.	2020-05-13 10:18:39 +03:00
Tony Arcieri	4565a921dd	Merge pull request #286 from RustSec/RUSTSEC-2020-0015 ... Assign RUSTSEC-2020-0015 to openssl-src	2020-05-04 16:46:31 -07:00
Tony Arcieri	e44e26f397	Assign RUSTSEC-2020-0015 to openssl-src ... Original PR: https://github.com/RustSec/advisory-db/pull/277/files	2020-05-04 16:39:42 -07:00
Tony Arcieri	f2feb205c6	Merge pull request #277 from lzutao/cve-openssl ... warn about CVE-2020-1967	2020-05-04 16:38:10 -07:00
Tony Arcieri	e4ac8b16e7	Merge pull request #283 from Veetaha/patch-1 ... Add `cargo-deny` to the list of RustSec clients	2020-05-02 11:59:16 -07:00
Veetaha	b0bc62bdd5	Add cargo-deny to the list RustSec clients ... `cargo-deny` is an awesome tool, it seems to be the superset of `cargo-audit`. I think it is reasonable to mention it here along with `cargo-audit`. cc @Jake-Shadle	2020-05-02 20:27:32 +03:00
Tony Arcieri	aa789b9cbd	Merge pull request #280 from Manishearth/obsolete ... RUSTSEC-2020-0011: make obsolete (closes #275)	2020-04-26 07:06:32 -07:00
Manish Goregaokar	2b2b57668d	RUSTSEC-2020-0011: make obsolete	2020-04-25 20:47:58 -07:00
Tony Arcieri	03f59c6a56	Merge pull request #279 from CAD97/patch-1 ... RUSTSEC-2020-0011: make wording more objective	2020-04-25 12:13:38 -07:00
Christopher Durham	c63704f56b	RUSTSEC-2020-0011: make wording more objective	2020-04-25 15:10:50 -04:00
Tony Arcieri	0416e6aea7	Merge pull request #278 from RustSec/RUSTSEC-2020-0011/mark-as-informational ... RUSTSEC-2020-0011: mark as informational	2020-04-25 12:02:52 -07:00
Tony Arcieri	63ca3a7793	RUSTSEC-2020-0011: mark as informational ... See discussion on https://github.com/RustSec/advisory-db/issues/275#issuecomment-619241211	2020-04-25 12:00:31 -07:00
Lzu Tao	cff4f820ac	warn about CVE-2020-1967	2020-04-25 15:38:14 +00:00
Tony Arcieri	eb2618ee1e	Merge pull request #274 from RustSec/RUSTSEC-2020-0014 ... Assign RUSTSEC-2020-0014 to rusqlite	2020-04-24 12:42:08 -07:00
Tony Arcieri	183f65dfd1	Assign RUSTSEC-2020-0014 to rusqlite ... Original PR: https://github.com/RustSec/advisory-db/pull/267	2020-04-24 12:40:14 -07:00
Tony Arcieri	dea12f0602	Merge pull request #267 from thomcc/rusqlite ... Add advisory for rusqlite	2020-04-24 12:39:27 -07:00
Tony Arcieri	185c7d1c1d	Merge pull request #273 from RustSec/RUSTSEC-2020-0013 ... Assign RUSTSEC-2020-0013 to fake-static	2020-04-24 12:38:34 -07:00
Tony Arcieri	2d87929fc8	Assign RUSTSEC-2020-0013 to fake-static ... Original PR: https://github.com/RustSec/advisory-db/pull/270	2020-04-24 12:37:27 -07:00
Tony Arcieri	79a4b2fe7f	Merge pull request #270 from eduardosm/fake-static ... Add advisory for fake-static	2020-04-24 12:36:49 -07:00
Tony Arcieri	54532e80c5	Merge pull request #272 from RustSec/RUSTSEC-2020-0012 ... Assign RUSTSEC-2020-0012 to os_str_bytes	2020-04-24 12:36:30 -07:00
Tony Arcieri	a4b88992e9	Assign RUSTSEC-2020-0012 to os_str_bytes ... Original PR: https://github.com/RustSec/advisory-db/pull/269	2020-04-24 12:35:29 -07:00
Tony Arcieri	e64a5618c6	Merge pull request #269 from eduardosm/os_str_bytes ... Add advisory for os_str_bytes	2020-04-24 12:34:37 -07:00
Tony Arcieri	1d48ab2e21	Merge pull request #271 from RustSec/RUSTSEC-2020-0011 ... Assign RUSTSEC-2020-0011 to plutonium	2020-04-24 12:33:37 -07:00
Tony Arcieri	2a0ed62cd1	Assign RUSTSEC-2020-0011 to plutonium ... Original PR: https://github.com/RustSec/advisory-db/pull/268	2020-04-24 12:30:55 -07:00
Tony Arcieri	a40b1c5192	Merge pull request #268 from najamelan/plutonium ... Advisory for plutonium.	2020-04-24 12:26:57 -07:00
Eduardo Sánchez Muñoz	6e85444c98	Add advisory for fake-static	2020-04-24 12:57:07 +02:00
Naja Melan	ab1840c2be	Try an empty array for patched versions. ... Co-Authored-By: Tony Arcieri <bascule@gmail.com>	2020-04-24 06:05:59 +00:00
Eduardo Sánchez Muñoz	16a2f4c592	Add advisory for os_str_bytes	2020-04-24 00:23:27 +02:00
Naja Melan	b761cd7428	Advisory for plutonium.	2020-04-23 23:26:08 +02:00
Thom Chiovoloni	f8c59e28af	Add advisory for rusqlite	2020-04-23 10:29:27 -07:00
Tony Arcieri	aecc04c1f1	Merge pull request #266 from RustSec/RUSTSEC-2017-0007 ... Assign RUSTSEC-2017-0007 to lz4-compress	2020-04-16 17:26:49 -07:00
Tony Arcieri	7a2a72d069	Assign RUSTSEC-2017-0007 to lz4-compress ... Original PR: https://github.com/RustSec/advisory-db/pull/264	2020-04-16 17:23:59 -07:00